By way of introduction, a certificate authority generally prepares a certificate revocation list of certificates which have been revoked by the certificate authority. The list is typically updated periodically. The list is generally used by authenticating devices to ensure that a seemingly valid certificate has not been revoked by the certificate authority which issued the certificate.
The use of certificate revocation lists is generally not enforced and it is up to the authenticating device to ensure that the device has the most up-to-date certificate revocation list(s) as well as to ensure that certificate authentication is performed against the certificate revocation list(s).
The following reference is believed to represent the state of the art:
PCT Application No. IL2005/000957 of NDS Limited;
US Published Patent Application 2004/0168056 of Dillaway, et al.;
US Published Patent Application 2005/0204127 of Dive-Reclus, et al.;
US Published Patent Application 2005/0257045 of Bushman, et al.;
US Published Patent Application 2005/0198508 of Beck;
US Published Patent Application 2005/0154898 of Chao;
US Published Patent Application 2005/0154875 of Chao;
US Published Patent Application 2003/0061481 of Levine, et al.; and
An article entitled “Restricting Access with Certificate Attributes in Multiple Root Environments—A Recipe for Certificate Masquerading” by Capt James M. Hayes of USAF, Systems and Network Attack Center, National Security Agency, Suite 6704—9800 Savage Road, Fort George G. Meade, Maryland 20755-6704, USA.
The disclosures of all references, mentioned above and throughout the present specification, as well as the disclosures of all references mentioned in those references, are hereby incorporated herein by reference.